<?php
include("../../tools/session.php");
include("../../tools/controls.php");
include("../../tools/pub.php");

// Access gates: stop here when the visitor is not logged in or lacks permission.

// Authentication: anything other than a strict boolean true counts as
// "not logged in"; the visitor is sent to ../index.php and the script ends.
// ($is_login_success is presumably set by one of the included tool files.)
if ($is_login_success !== true)
{
	session_hop_page("../index.php");
	exit();
}

// Authorisation: when power_check(0) fails, render the "no power" template
// and end the script. What level 0 means is decided inside power_check.
if (!power_check(0))
{
	include("tpl-inc-wp.php");
	$tpl->display($oa_tpl_path . "/no-power.html");
	exit();
}

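/*-- Page body: dispatch on the POSTed page_status --*/

// Wrap a value for output inside <![CDATA[ ... ]]>. A literal "]]>" in the
// value would close the section early and let the remainder be parsed as
// markup, so it is split across two adjacent CDATA sections.
if (!function_exists("set_position_cdata"))
{
	function set_position_cdata($value)
	{
		return "<![CDATA[" . str_replace("]]>", "]]]]><![CDATA[>", (string)$value) . "]]>";
	}
}

// Read a POST field that is used as a numeric key in SQL. Missing or
// non-scalar values become 0; everything else is forced to an integer so the
// value can never carry SQL syntax into the statement.
if (!function_exists("set_position_post_int"))
{
	function set_position_post_int($key)
	{
		if (!isset($_POST[$key]) || !is_scalar($_POST[$key]))
		{
			return 0;
		}
		return intval($_POST[$key]);
	}
}

// A missing page_status means "render the page"; isset() avoids the
// undefined-index notice on the initial request.
$page_status = isset($_POST["page_status"]) ? $_POST["page_status"] : "";

if (!$page_status)
{
	// Initial page: list the companies (company_id 0 is excluded) for the template.
	include("../../tools/mysql.php");
	include("tpl-inc-wp.php");
	db_connect();

	$sql = "SELECT * FROM company WHERE company_id<>0 ORDER BY company_id ASC";
	$re = db_query($sql);

	$tpl->assign("company_button_list", $re);
	$tpl->display($oa_tpl_path . "/default/set_position.html");
}
// Return the positions of one section as XML
elseif ($page_status == 1)
{
	// The section id is request data that ends up in SQL: integer only.
	$id = set_position_post_int("id");
	include("../../tools/mysql.php");
	db_connect();

	header("content-type: text/xml");
	echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
	echo "<root>\n";

	$sql = "SELECT * FROM `position` WHERE position_id<>0 AND section_id=" . $id . " ORDER BY position_id ASC";
	$re = db_query($sql);

	foreach ($re as $v)
	{
		// Stored names originate from user input (see the insert branch),
		// so they are CDATA-escaped on output.
		echo "<item>";
		echo "<enname>" . set_position_cdata($v["name"]) . "</enname>";
		echo "<zhname>" . set_position_cdata($v["zh_name"]) . "</zhname>";
		echo "</item>";
	}

	echo "</root>\n";
}
// A new position was submitted
elseif ($page_status == 2)
{
	// NOTE(review): this branch changes data on a plain POST from a logged-in
	// session, and no anti-CSRF token check is visible in this file. Confirm
	// whether session.php / controls.php enforce one.
	include("../../tools/mysql.php");
	db_connect();

	$enname = isset($_POST["enname"]) ? $_POST["enname"] : "";
	$zhname = isset($_POST["zhname"]) ? $_POST["zhname"] : "";
	$belongto = set_position_post_int("belongto");

	header("content-type: text/xml");
	echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";

	// NOTE(review): $enname and $zhname are still concatenated into the
	// statement exactly as received, so this INSERT remains open to SQL
	// injection. They need to be bound as parameters, or passed through the
	// escaping routine of the driver behind db_exec(), in tools/mysql.php,
	// which is not visible from this file. No escaping is added here because
	// the correct function depends on that driver and on whether request data
	// is already escaped upstream. Only section_id is made safe (integer).
	$sql = "INSERT INTO `position`(name, zh_name, section_id) VALUES('" . $enname . "', '" . $zhname . "', " . $belongto . ")";

	// Success / failure messages handed to check_status_write_to_log(), whose
	// return value is echoed back as the message. The first one embeds the
	// submitted name; presumably it is also written to a log, so verify how
	// that helper handles untrusted text.
	$log_str = array("添加新职位“" . $zhname . "”成功！", "添加新职位失败！");
	$msg = check_status_write_to_log(db_exec($sql), $log_str, TRUE);

	echo "<root>";
	echo "<msg>" . set_position_cdata($msg) . "</msg>";
	echo "</root>";
}
// Return the sections of one company as XML
elseif ($page_status == 3)
{
	include("../../tools/mysql.php");
	db_connect();

	// The company id is request data that ends up in SQL: integer only.
	$cid = set_position_post_int("id");

	header("content-type: text/xml");
	echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";

	$sql = "SELECT * FROM section WHERE company_id=" . $cid;
	$re = db_query($sql);

	echo "<sections>\n";
	foreach ($re as $v)
	{
		echo "<item>\n";
		echo "<id>" . set_position_cdata($v["section_id"]) . "</id>\n";
		echo "<enname>" . set_position_cdata($v["name"]) . "</enname>\n";
		echo "<zhname>" . set_position_cdata($v["zh_name"]) . "</zhname>\n";
		echo "<masterid>" . set_position_cdata($v["master_id"]) . "</masterid>\n";
		echo "<power>" . set_position_cdata($v["power"]) . "</power>\n";
		echo "</item>\n";
	}
	echo "</sections>";
}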
?>
